NetScaler blog post, July 3, 2024, by Jaskirat Singh Chauhan
Qualys has discovered a remote unauthenticated code execution vulnerability in OpenSSH’s server, sshd, in glibc-based Linux systems. Because this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006, it is being referred to as regreSSHion. The vulnerability has been assigned the CVE identifier CVE-2024-6387.
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems.
The vulnerability is a signal handler race condition in OpenSSH’s server (sshd) that allows unauthenticated remote code execution as root on glibc-based Linux systems. This race condition affects OpenSSH in its default configuration.
NetScaler customers, including NetScaler Gateway users, may be impacted by this vulnerability. Cloud Software Group is performing analysis on the issue and will provide updates regarding whether NetScaler customers are affected.
If you use NetScaler Console (formerly NetScaler Application Delivery Management), this is an ideal time to explore the security features it provides. The Security Advisory and Upgrade Advisory features can help reduce your time to patch, which can be critical in the current threat landscape: